PDQ PowerShell Scanner Best Practices

Jordan Hammond

The PowerShell scanner beta is here! If you are like me when I first got my hands on it, you probably copied in a bunch of different PowerShell scripts to marvel at them running. You probably also ran into what I did: you did not always get the results you expected. So let's dive into a few things I have found that will make your future scanners the best versions of themselves.

Cast Unwanted Data to $null

Have you ever been writing a script and noticed that a line you put in shows some output? Typically we can ignore that as informational, but the PowerShell Scanner will capture that output and return it as part of the scan results. This can lead to a lot of rows in that table that you do not want and make things convoluted. A great example of this would be if you need to install a module.

Install-PackageProvider "Nuget" -Force

This will allow NuGet to be used, but it will also drop some output that looks like this.

This output will show up in your scanner, which we don't need. Putting $null = in front of that line will remove all output from that line.

$null = Install-PackageProvider "Nuget" -Force

If you have completed a script and are ending up with more than you want in your results, this will help you remove everything that you don't want.

Error Handling is Critical

In a perfect world, all your scripts run in every scenario. We are not in an ideal world, so finding common pain points and adding error handling will allow you not only to control these errors to some degree, but also to make sure the scanner error has wording that you can understand. For example, if your script requires a service to be running, you can test to make sure that it is, and put whatever you want in the error message, so you don't have to dive in.

$CoolStatus = (Get-Service supercoolservice -ErrorAction SilentlyContinue).Status
if ($CoolStatus -ne "Running") {
   throw "The super cool service is not currently running, find a cooler machine for this to work."
}

Now, if you run this against a computer that fails to meet the coolness requirements, you will have a clear message informing you to get to hipper waters stat.

Select Your Objects

We have covered removing stray data to keep results cleaner, but we can take that a step further. We are at the end game of our script: all machines have met the coolness standards that we expect, and now we are making sure that the awesomeness file has the appropriate permissions. We don't want any lame people getting into this file, for sure.

Get-Acl -Path 'C:\supersecret$\NothingToSeeHere\Awesomeness.txt'

With this, we are looking into our file, but we are also grabbing the path and the owner. We don't need those; all we need is who has access to it.

Get-Acl -Path 'C:\supersecret$\NothingToSeeHere\Awesomeness.txt' | Select-Object AccessToString

There we go, no unneeded information cluttering our precious database.
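A scanner script that applies the three practices above together, as an added example (not PDQ's own code): it audits the ACL on the article's placeholder file and returns one row per access rule. The `$BroadPrincipals` list and the `Broad` column are assumptions for illustration; adjust the principal names for your environment and locale.

```powershell
# Added example. $Path is the article's placeholder file;
# $BroadPrincipals is an assumed list of groups considered too wide for a sensitive file.
$Path = 'C:\supersecret$\NothingToSeeHere\Awesomeness.txt'
$BroadPrincipals = @('Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users')

# Error handling: throw a message you will understand when it shows up as the scanner error.
if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
    throw "File not found: $Path. Nothing to audit on this machine."
}

try {
    $Acl = Get-Acl -LiteralPath $Path -ErrorAction Stop
}
catch {
    throw "Could not read the ACL on ${Path}: $($_.Exception.Message)"
}

$Rows = New-Object System.Collections.ArrayList

foreach ($Rule in $Acl.Access) {
    $Row = [PSCustomObject]@{
        Identity  = $Rule.IdentityReference.Value
        Rights    = $Rule.FileSystemRights.ToString()
        Type      = $Rule.AccessControlType.ToString()
        Inherited = $Rule.IsInherited
        Broad     = $BroadPrincipals -contains $Rule.IdentityReference.Value
    }

    # ArrayList.Add() returns the new index; without $null = that number
    # would be captured by the scanner as an extra row.
    $null = $Rows.Add($Row)
}

# Select your objects: emit only the columns the scanner table should have.
$Rows | Select-Object Identity, Rights, Type, Inherited, Broad
```

Each access rule becomes its own row, so the `Broad` column can be filtered directly instead of parsing the single `AccessToString` text blob.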

Use a Script File

You have the option to manually enter your script into the scanner when you are building it, and if this is your preference have at it. However, if you are using the file option, you have a lot more source control on the script. More importantly, if you have multiple servers, you only have to correct a script once, not redo it on every server.

Wow! That is crisp, clean, and centrally stored, making updates far easier.

GitHub

If you are looking for some real-world examples of these recommendations, please check out our GitHub. There are some great scripts in there that will give you some great data on your machines, as well as help you get started on creating your own. Even better, if you have created something fantastic that you would love to share, please submit it! We have some guidelines to help you get that approved here.

Conclusion

The great thing about PowerShell is that it can do just about anything you can imagine. If you stick to these few guidelines, you will have a much easier time getting all the data that you need most. Use this new tool to become the envy of your peers. Go Forth and PowerShell!

© 2020 PDQ.com Corporation